6e80c64f96e36a1129b12906d50a845759b8b800d0833e4052e2fbadad75b4dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e80c64f96e36a1129b12906d50a845759b8b800d0833e4052e2fbadad75b4dd
Size

63KB
MD5

c070f159d79d8d1f104ac5e6631267b8
SHA1

cf8312d3162830be93b7a9ed89c1b5a0f2f1678b
SHA256

6e80c64f96e36a1129b12906d50a845759b8b800d0833e4052e2fbadad75b4dd
SHA512

a274ae327499cde2e906dd087084539e23091cc1bf2055ff39bb8c0da7ba7072a4e69f26d3d5cf8160cc678db249fd29c35aac5d8a3d6c6d17a02c4924ded8a6
SSDEEP

1536:ZdaNbRlDy8KneMg2HGSvlGT5FcB/fKHfYww0b+Hxy:Z0Nl1rMGSQkfmfYw7Yxy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e80c64f96e36a1129b12906d50a845759b8b800d0833e4052e2fbadad75b4dd

Files

6e80c64f96e36a1129b12906d50a845759b8b800d0833e4052e2fbadad75b4dd
.exe windows:4 windows x86 arch:x86

2cb137675b9e504b513b02f948123bae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
EnumSystemCodePagesW
TzSpecificLocalTimeToSystemTimeEx
QuirkIsEnabledWorker
SetFirmwareEnvironmentVariableW
LocalHandle
SystemTimeToFileTime
BaseInitAppcompatCacheSupport
SetCommMask

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE